Skip Navigation
Expand
Using wildcards in domain names in security configuration settings
Answer ID 2709   |   Last Review Date 12/16/2018

How should I use wildcards so as to not affect network efficiency?

Environment:

Using wildcards in domain names within configuration settings

Resolution:

While several configuration strings in the Oracle B2C Service application allow for wildcards in the domain names, it is important to use them carefully in order to maintain peak network efficiency.

When a login is being processed, if the first string encountered is a wildcarded domain name (or a fully-qualified domain name) then the application will perform a reverse DNS lookup against that domain name to see if the IP is coming from the domain.  This can add as many as 10 seconds to round trip times and adversely affect the ability of agents that are geographically separate from the hosting pod.   

The best practice in this case would be to add the hard-coded IP addresses first, domain names next, and the wildcarded domain names last.  It is preferable as well, to use as few domain names as possible, and hard coded IPs whenever feasible.

For more information about the security configurations affected by these strings, refer to your site's System Configuration settings.  For more information on accessing the Configuration Editor and editing settings, refer to Answer ID 1960: Editing Configuration Settings.